Government Careers
  • Principal Security Engineer I (Hybrid)

  • Phenom People
  • Englewood, Colorado 80111 United States View Map

Cyber Security Risk Assessor

This position is eligible to work in a hybrid work model (combination of in-office and remote days).

Job Scope

Responsible for leading the engineering activities that evaluate cyber security risk and potential security threats to the company's ISP, Video, Voice, software and cloud systems. This position will work closely with network engineering, video engineering, product groups and technical operations staff performing cyber security risk assessment and management of existing and new business technologies and tools improve security operations, risk management processes and as security threats and vulnerabilities are detected and coordinate the response to mitigate and remediate the threat to Charter's network. Assessor will be a part of a team that conducts the threat management and risk assessment processes for network security operations and communicate to executive leadership.

Duties And Responsibilities

  • Recommend and implement processes and controls through risk assessment that establish appropriate governance structures for managing risk according NIST and other frameworks.
  • Advise and provide consulting on security counter-measures.
  • Actively advises on and evaluates the impact of cyber threats.
  • Recommend design security processes and solutions used by Network Security Operations.
  • Develop security requirements for new projects and perform the security risk assessments prior to going into production.
  • Perform and coordinate engagements with 3rd party service providers to perform ongoing security testing on critical assets.
  • Ensure compliance with security standards, policies and procedures.
  • Adhere to industry specific local, state, and federal regulations, as applicable.

Basic / Minimum Qualifications

  • Bachelor's Degree in Computer Science, Information Security or related field and/or related work experience
  • Minimum of Eight (8) years of IT/Network Engineering experience
  • Minimum of Eight (8) years of Cyber Security experience

Additional Job Qualifications

  • Ability to read, write and speak the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straight-forward, and professional manner.
  • Established ability to plan, structure and execute on extended efforts and across multiple teams, including the demonstrated ability to communicate effectively and delegate tasks to junior team members.
  • Established knowledge of Automated Deployment, Secure Configuration management, and compliance validation tools
  • Established knowledge and management of ACLs, Firewalls, Intrusion Prevention and Detections, and load balancing.
  • Established knowledge and application of industry standard risk management frameworks including NIST, ISO, CSRIC, etc.
  • Established knowledge of identity management frameworks and technologies, including but not limited to user and privileged access management.
  • Established knowledge of security controls for server compute, network attached storage, virtualization, and containers in a data center and cloud implementations.
  • Established ability to facilitate and contribute to technical group discussions such as security monitoring or automation strategy.
  • Established sound business knowledge of disciplines outside of designated technical domain.
  • Proficient knowledge of network and system security vulnerabilities and exploits. Must understand what is required to prevent security exploits, how to detect security attacks and anomalies and how to respond to security incidents and intrusions.
  • Experience with network security design, network security architecture, TCP/IP protocols and topology.
  • Related experience in conducting risk assessments across the organization, mission and business processes.
  • Proficient knowledge in cloud based applications, platforms and services security.
  • Must be a problem solver, able to balance competing priorities, have a strong process orientation and be able to manage through complexity and rapid change.
  • Understanding of "ownership" of a project/program and the ability to execute on that with accountability.
  • Exhibit leadership skills working with cross-functional teams.
  • Subject Matter Expert (SME) with cybersecurity solutions and critical controls as you will be expected to consult and perform assessments against these items and architecture.
  • Have information security experience in a variety of industries and company types to show a depth and breadth of security acumen.
  • Excellent verbal communication and written composition skills with experience and confidence providing reports and consultation to internal clients and executive level staff.
  • A keen ability to discuss, consult on, and drive solutions around the Common Body of Knowledge (CBK) which is a comprehensive compilation of all the relevant subjects a security professional should be familiar with.

Preferred Qualifications

  • Current security certifications, such as CISSP, ISACA, and SANS GIAC. Firewall, Intrusion Detection Systems, and/or other security technologies engineering
  • Information Security Risk Management
  • Cyber-security Consulting

Working Conditions

  • Office Environment
  • May require some weekends and evening shift work
  • Minimal Travel Required

Cyber Security Risk Assessor

This position is eligible to work in a hybrid work model (combination of in-office and remote days).

Job Scope

Responsible for leading the engineering activities that evaluate cyber security risk and potential security threats to the company's ISP, Video, Voice, software and cloud systems. This position will work closely with network engineering, video engineering, product groups and technical operations staff performing cyber security risk assessment and management of existing and new business technologies and tools improve security operations, risk management processes and as security threats and vulnerabilities are detected and coordinate the response to mitigate and remediate the threat to Charter's network. Assessor will be a part of a team that conducts the threat management and risk assessment processes for network security operations and communicate to executive leadership.

Duties And Responsibilities

  • Recommend and implement processes and controls through risk assessment that establish appropriate governance structures for managing risk according NIST and other frameworks.
  • Advise and provide consulting on security counter-measures.
  • Actively advises on and evaluates the impact of cyber threats.
  • Recommend design security processes and solutions used by Network Security Operations.
  • Develop security requirements for new projects and perform the security risk assessments prior to going into production.
  • Perform and coordinate engagements with 3rd party service providers to perform ongoing security testing on critical assets.
  • Ensure compliance with security standards, policies and procedures.
  • Adhere to industry specific local, state, and federal regulations, as applicable.

Basic / Minimum Qualifications

  • Bachelor's Degree in Computer Science, Information Security or related field and/or related work experience
  • Minimum of Eight (8) years of IT/Network Engineering experience
  • Minimum of Eight (8) years of Cyber Security experience

Additional Job Qualifications

  • Ability to read, write and speak the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straight-forward, and professional manner.
  • Established ability to plan, structure and execute on extended efforts and across multiple teams, including the demonstrated ability to communicate effectively and delegate tasks to junior team members.
  • Established knowledge of Automated Deployment, Secure Configuration management, and compliance validation tools
  • Established knowledge and management of ACLs, Firewalls, Intrusion Prevention and Detections, and load balancing.
  • Established knowledge and application of industry standard risk management frameworks including NIST, ISO, CSRIC, etc.
  • Established knowledge of identity management frameworks and technologies, including but not limited to user and privileged access management.
  • Established knowledge of security controls for server compute, network attached storage, virtualization, and containers in a data center and cloud implementations.
  • Established ability to facilitate and contribute to technical group discussions such as security monitoring or automation strategy.
  • Established sound business knowledge of disciplines outside of designated technical domain.
  • Proficient knowledge of network and system security vulnerabilities and exploits. Must understand what is required to prevent security exploits, how to detect security attacks and anomalies and how to respond to security incidents and intrusions.
  • Experience with network security design, network security architecture, TCP/IP protocols and topology.
  • Related experience in conducting risk assessments across the organization, mission and business processes.
  • Proficient knowledge in cloud based applications, platforms and services security.
  • Must be a problem solver, able to balance competing priorities, have a strong process orientation and be able to manage through complexity and rapid change.
  • Understanding of "ownership" of a project/program and the ability to execute on that with accountability.
  • Exhibit leadership skills working with cross-functional teams.
  • Subject Matter Expert (SME) with cybersecurity solutions and critical controls as you will be expected to consult and perform assessments against these items and architecture.
  • Have information security experience in a variety of industries and company types to show a depth and breadth of security acumen.
  • Excellent verbal communication and written composition skills with experience and confidence providing reports and consultation to internal clients and executive level staff.
  • A keen ability to discuss, consult on, and drive solutions around the Common Body of Knowledge (CBK) which is a comprehensive compilation of all the relevant subjects a security professional should be familiar with.

Preferred Qualifications

  • Current security certifications, such as CISSP, ISACA, and SANS GIAC. Firewall, Intrusion Detection Systems, and/or other security technologies engineering
  • Information Security Risk Management
  • Cyber-security Consulting

Working Conditions

  • Office Environment
  • May require some weekends and evening shift work
  • Minimal Travel Required
Government Careers

Government Careers

Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.

Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.

Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.

Show more

MORE JOBS